[macruby-changes] [MacRuby/MacRuby] c5a2b5: IO#read and command execution with backquote will ...
noreply at github.com
noreply at github.com
Thu May 5 07:34:40 PDT 2011
Branch: refs/heads/master
Home: https://github.com/MacRuby/MacRuby
Commit: c5a2b55c2112f95e2a64a92019e5cdab88859829
https://github.com/MacRuby/MacRuby/commit/c5a2b55c2112f95e2a64a92019e5cdab88859829
Author: Watson <watson1978 at gmail.com>
Date: 2011-05-05 (Thu, 05 May 2011)
Changed paths:
M io.c
Log Message:
-----------
IO#read and command execution with backquote will return tainted string.
Test Script:
{{{
require 'test/unit/assertions.rb'
include Test::Unit::Assertions
require 'tempfile'
def make_tempfile
t = Tempfile.new("foo")
t.binmode
t.puts "foo"
t.puts "bar"
t.puts "baz"
t.close
t
end
t = make_tempfile
File.open(t.path) { |f|
assert(f.read(2).tainted?)
}
puts :ok
}}}
{{{
require 'test/unit/assertions.rb'
include Test::Unit::Assertions
str = `date`
assert(str.tainted?)
puts :ok
}}}
More information about the macruby-changes
mailing list